nix: Common bases
This commit is contained in:
parent
5123cb93a9
commit
0aed911875
|
@ -1,22 +0,0 @@
|
|||
- name: Set variables
|
||||
set_fact:
|
||||
manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}"
|
||||
|
||||
- name: Enable passwordless sudo access to wheel group (Others)
|
||||
lineinfile:
|
||||
path: /etc/sudoers
|
||||
line: "%wheel ALL=(ALL) NOPASSWD: ALL"
|
||||
regexp: "^#? *%wheel ALL=\\(ALL\\) NOPASSWD: ALL$"
|
||||
become: yes
|
||||
when: not manjaro
|
||||
|
||||
- name: Enable passwordless sudo access to wheel group (Manjaro)
|
||||
copy:
|
||||
content: "%wheel ALL=(ALL) NOPASSWD: ALL"
|
||||
dest: /etc/sudoers.d/11-wheel-nopasswd
|
||||
mode: "u=rwx,g=rx,o="
|
||||
when: manjaro
|
||||
become: yes
|
||||
# /etc/sudoers.d/10-installer is the same thing,
|
||||
# but **with** a password, and it's overwritten
|
||||
# with each upgrade of manjaro-system, hence this.
|
|
@ -1,200 +1,4 @@
|
|||
|
||||
# TODO Install python if not done
|
||||
# Or maybe not, it requires a lot of automation for something that can be done
|
||||
# very quickly manually and is usually already installed
|
||||
|
||||
- name: Install python-apt dependency for Termux
|
||||
block:
|
||||
# TODO Check if the correct version
|
||||
- name: Check for DistUtilsExtra (Termux)
|
||||
command: python -c 'import DistUtilsExtra'
|
||||
changed_when: False
|
||||
rescue:
|
||||
- name: Create temporarty folder for DistUtilsExtra (Termux)
|
||||
tempfile:
|
||||
state: directory
|
||||
suffix: python-distutils-extra
|
||||
# path: /data/data/com.termux/files/usr/tmp/
|
||||
register: pde_tempdir
|
||||
|
||||
- name: Download DistUtilsExtra (Termux)
|
||||
get_url:
|
||||
url: "https://launchpad.net/python-distutils-extra/trunk/{{ version }}/+download/python-distutils-extra-{{ version }}.tar.gz"
|
||||
dest: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz"
|
||||
|
||||
- name: Extract DistUtilsExtra (Termux)
|
||||
unarchive:
|
||||
src: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz"
|
||||
remote_src: yes
|
||||
dest: "{{ pde_tempdir.path }}"
|
||||
|
||||
- name: Install DistUtilsExtra (Termux)
|
||||
command:
|
||||
cmd: python3 setup.py install
|
||||
chdir: "{{ pde_tempdir.path }}/python-distutils-extra-{{ version }}"
|
||||
when: termux
|
||||
vars:
|
||||
version: 2.39
|
||||
|
||||
- name: Install python-apt (Termux)
|
||||
pip:
|
||||
name: python-apt
|
||||
when: termux
|
||||
|
||||
# Collecting python-apt
|
||||
# Using cached python-apt-0.7.8.tar.bz2 (49 kB)
|
||||
# ERROR: Command errored out with exit status 1:
|
||||
# command: /data/data/com.termux/files/usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"'; __file__='"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /data/data/com.termux/files/usr/tmp/pip-pip-egg-info-ptpprl0m
|
||||
# cwd: /data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/
|
||||
# Complete output (5 lines):
|
||||
# Traceback (most recent call last):
|
||||
# File "<string>", line 1, in <module>
|
||||
# File "/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py", line 11, in <module>
|
||||
# string.split(parse_makefile("python/makefile")["APT_PKG_SRC"]))
|
||||
# AttributeError: module 'string' has no attribute 'split'
|
||||
# ----------------------------------------
|
||||
# ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
|
||||
# WARNING: You are using pip version 20.2.3; however, version 20.3.3 is available.
|
||||
# You should consider upgrading via the '/data/data/com.termux/files/usr/bin/python3 -m pip install --upgrade pip' command.
|
||||
|
||||
# Arch configuration
|
||||
|
||||
# TODO Patch sudo-fake so it allows using -u so `become` works
|
||||
|
||||
- name: Enable multilib repo
|
||||
lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
regexp: '^#?\s*\[multilib\]$'
|
||||
line: '[multilib]'
|
||||
become: yes
|
||||
when: arch_based and ansible_architecture == "x86_64"
|
||||
notify: udpate pacman cache
|
||||
|
||||
- name: Configure multilib repo
|
||||
lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
regexp: '^#?\s*Include\s*=\s*/etc/pacman.d/mirrorlist'
|
||||
line: 'Include = /etc/pacman.d/mirrorlist'
|
||||
insertafter: '^\[multilib\]$'
|
||||
become: yes
|
||||
when: arch_based and ansible_architecture == "x86_64"
|
||||
notify: udpate pacman cache
|
||||
|
||||
- name: Update cache if needed
|
||||
meta: flush_handlers
|
||||
|
||||
- name: Install ccache
|
||||
pacman:
|
||||
name: ccache
|
||||
state: present
|
||||
extra_args: "--asdeps"
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Enable makepkg color
|
||||
replace:
|
||||
path: /etc/makepkg.conf
|
||||
regexp: '^BUILDENV=(.+)!color(.+)$'
|
||||
replace: 'BUILDENV=\1color\2'
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Enable makepkg ccache
|
||||
replace:
|
||||
path: /etc/makepkg.conf
|
||||
regexp: '^BUILDENV=(.+)!ccache(.+)$'
|
||||
replace: 'BUILDENV=\1ccache\2'
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Remove -mtune from makepkg CFLAGS
|
||||
replace:
|
||||
path: /etc/makepkg.conf
|
||||
regexp: '^#? *CFLAGS=(.+)-mtune=\S+\s(.*)$'
|
||||
replace: "CFLAGS=\\1\\2"
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Change -march to native from makepkg CFLAGS
|
||||
replace:
|
||||
path: /etc/makepkg.conf
|
||||
regexp: '^#? *CFLAGS=(.+)-march=\S+(\s)(.*)$'
|
||||
replace: "CFLAGS=\\1-march=native\\2\\3"
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Set makepkg MAKEFLAGS
|
||||
replace:
|
||||
path: /etc/makepkg.conf
|
||||
regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$'
|
||||
replace: "MAKEFLAGS=\\1-j{{ j }}\\2"
|
||||
become: yes
|
||||
vars:
|
||||
j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}"
|
||||
when: arch_based
|
||||
|
||||
- name: Enable pacman ParallelDownloads
|
||||
lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
regexp: '^#?ParallelDownloads'
|
||||
line: 'ParallelDownloads = 5'
|
||||
insertafter: '^\[options\]$'
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Enable pacman colors
|
||||
lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
regexp: '^#?Color'
|
||||
line: 'Color'
|
||||
insertafter: '^\[options\]$'
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
- name: Enable pacman pac-man
|
||||
lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
regexp: '^#?ILoveCandy'
|
||||
line: 'ILoveCandy'
|
||||
insertafter: '^#?Color'
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
|
||||
# Install alternative package managers
|
||||
- name: List packages from base-devel
|
||||
command: pacman -Sqg base-devel
|
||||
register: base_devel_packages
|
||||
changed_when: no
|
||||
check_mode: no
|
||||
|
||||
- name: Install dependencies for AUR helpers
|
||||
pacman:
|
||||
name: "{{ (base_devel_packages.stdout | split('\n') | reject('eq', 'sudo')) + ['fakeroot'] }}"
|
||||
become: yes
|
||||
when: arch_based
|
||||
# Do not install sudo because maybe sudo-fake is installed (otherwise it conflicts)
|
||||
# It should already be installed already anyway
|
||||
|
||||
- name: Install AUR package manager (Arch)
|
||||
aur:
|
||||
name: yay-bin
|
||||
when: arch
|
||||
|
||||
- name: Install AUR package manager (Manjaro)
|
||||
pacman:
|
||||
name: yay
|
||||
become: yes
|
||||
when: manjaro
|
||||
# Not sure if regular Manjaro has yay in its community packages,
|
||||
# but Manjaro-ARM sure does
|
||||
|
||||
- name: Create cache folder
|
||||
file:
|
||||
state: directory
|
||||
mode: "u=rwx,g=rx,o=rx"
|
||||
path: "{{ ansible_user_dir }}/.cache/automatrop"
|
||||
|
||||
- name: Generate list of packages for package manager
|
||||
set_fact:
|
||||
packages: "{{ query('template', 'package_manager.j2')[0].split('\n')[:-1]|sort|unique }}"
|
||||
|
|
|
@ -1,15 +1,5 @@
|
|||
{# Macros #}
|
||||
{% if debian_based %}
|
||||
{% set python_prefix = 'python3' %}
|
||||
{% set lib_suffix = '-common' %}
|
||||
{% else %}
|
||||
{% set python_prefix = 'python' %}
|
||||
{% set lib_suffix = '' %}
|
||||
{% endif %}
|
||||
{# Include essential snippets #}
|
||||
{% include 'snippets/pm_dotfiles_dependencies.j2' %}
|
||||
{% include 'snippets/pm_shell.j2' %}
|
||||
{% include 'snippets/pm_terminal_essentials.j2' %}
|
||||
{% include 'snippets/pm_remote.j2' %}
|
||||
{% include 'snippets/pm_disk_cleanup.j2' %}
|
||||
{% include 'snippets/pm_local_monitoring.j2' %}
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
{#
|
||||
Stuff that is required for scripts/programs of dotfiles to work properly
|
||||
#}
|
||||
coreutils
|
||||
bash
|
||||
grep
|
||||
sed
|
||||
tar
|
||||
openssl
|
||||
git
|
||||
wget
|
||||
curl
|
||||
{% if not termux %}
|
||||
{{ python_prefix }}-pip
|
||||
{# Termux already has pip via Python #}
|
||||
{% endif %}
|
||||
ansible
|
||||
{# Uncompressors #}
|
||||
unzip
|
||||
unrar
|
||||
p7zip
|
||||
{{ python_prefix }}-pystache
|
||||
{# EOF #}
|
|
@ -1,24 +0,0 @@
|
|||
moreutils
|
||||
man
|
||||
visidata
|
||||
{% if can_chown or not arch_based %}
|
||||
insect
|
||||
{% endif %}
|
||||
translate-shell
|
||||
gnupg
|
||||
{# Editor #}
|
||||
{% if termux %}
|
||||
nvim
|
||||
{% else %}
|
||||
neovim
|
||||
{% endif %}
|
||||
{% if not termux %}
|
||||
{{ python_prefix }}-neovim
|
||||
{% endif %}
|
||||
{# Downloaders #}
|
||||
wget
|
||||
{# Uncompressors #}
|
||||
unzip
|
||||
unrar
|
||||
p7zip
|
||||
{# EOF #}
|
|
@ -1,4 +1,5 @@
|
|||
#/usr/bin/env sh
|
||||
export NIXPKGS_ALLOW_UNFREE=1
|
||||
nix-build '<nixpkgs/nixos>' -A vm \
|
||||
-I nixpkgs=channel:nixos-23.05 \
|
||||
-I nixos-config=./configuration.nix
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# Enable the X11 windowing system
|
||||
services.xserver.enable = true;
|
||||
|
||||
# TODO qwerty-fr for X11
|
||||
# FIXME qwerty-fr for X11
|
||||
|
||||
# Enable CUPS to print documents
|
||||
services.printing.enable = true;
|
||||
|
@ -22,19 +22,63 @@
|
|||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
|
||||
# services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.displayManager.startx.enable = true;
|
||||
services.xserver.windowManager.i3.enable = true;
|
||||
|
||||
# Enable passwordless sudo
|
||||
security.sudo.extraRules = [
|
||||
{ groups = ["wheel"]; commands = [ { command = "ALL"; options = ["NOPASSWD"]; } ]; }
|
||||
];
|
||||
|
||||
# Users
|
||||
users.users.geoffrey = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
packages = with pkgs; [
|
||||
# dotfiles dependencies
|
||||
coreutils
|
||||
bash
|
||||
gnugrep
|
||||
gnused
|
||||
gnutar
|
||||
openssl
|
||||
git
|
||||
wget
|
||||
curl
|
||||
python3Packages.pip
|
||||
ansible # TODO Reevaluate
|
||||
|
||||
# shell
|
||||
zsh-completions
|
||||
nix-zsh-completions
|
||||
zsh-history-substring-search
|
||||
antigen # TODO Reevaluate
|
||||
powerline-go
|
||||
|
||||
# terminal essentials
|
||||
moreutils
|
||||
man
|
||||
visidata
|
||||
nodePackages.insect
|
||||
translate-shell
|
||||
unzip
|
||||
unrar
|
||||
p7zip
|
||||
|
||||
# remote
|
||||
openssh
|
||||
rsync
|
||||
tigervnc # FIXME Only with display server
|
||||
|
||||
# DEBUG
|
||||
firefox
|
||||
tree
|
||||
lolcat
|
||||
];
|
||||
initialPassword = "cartable";
|
||||
initialPassword = "cartable"; # DEBUG
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr"
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
@ -42,8 +86,34 @@
|
|||
wget
|
||||
];
|
||||
|
||||
# Enable compilation cache
|
||||
programs = {
|
||||
ccache.enable = true;
|
||||
# TODO Not enough, see https://nixos.wiki/wiki/CCache.
|
||||
# Might want to see if it's worth using on NixOS
|
||||
gnupg.agent.enable = true;
|
||||
|
||||
# TODO Below should be user config
|
||||
|
||||
zsh = {
|
||||
enable = true;
|
||||
autosuggestions.enable = true;
|
||||
enableCompletion = true;
|
||||
syntaxHighlighting.enable = true;
|
||||
};
|
||||
neovim = {
|
||||
enable = true;
|
||||
defaultEditor = true;
|
||||
vimAlias = true;
|
||||
viAlias = true;
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
# Enable the OpenSSH daemon
|
||||
services.openssh.enable = true;
|
||||
openssh.enable = true;
|
||||
getty.autologinUser = "geoffrey"; # DEBUG
|
||||
};
|
||||
|
||||
# TEST
|
||||
system.copySystemConfiguration = true;
|
||||
|
|
Loading…
Reference in a new issue